Received: by 10.223.176.5 with SMTP id f5csp2775949wra; Thu, 1 Feb 2018 06:00:28 -0800 (PST) X-Google-Smtp-Source: AH8x224KjOyOCnAyhyw/IWYued2HMVeA0EZL7Pvnl7RHGXpBvaN0DsjA0A0J8tZgs6c5YaNp2pLZ X-Received: by 10.98.194.8 with SMTP id l8mr37266402pfg.26.1517493628651; Thu, 01 Feb 2018 06:00:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517493628; cv=none; d=google.com; s=arc-20160816; b=aYqBKXbNqs1IiNHU48ikEu/qjlG51Px6opIAG/gOfA31eNHVZMtrrEhY/UoMeppUrC Cht08tYQiRW/SmWWnqOzqwTjq/mwiz8qJYC2MeB6KgyGT0RWm3mvdRQzJKebCmNQ007c cs/SaQdZZsJQz2YnAbI7yq3GWCTnCRRhtVDdICV24D17uGh7WGj4vCXPczx3xXYIlmP9 v95kE8sETS24XeXQ1hRn8yoM4w09YKdPs0EwRtm41uULl3LhhFri1lFk9dckMxl2XVt2 8ORDcZUORvcbbnCjqh3a9/hzKgFEgH6YOiCBm+fvlHoKp7sorZB1/1iV2g84bHGs5yO9 aIEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=fe3fCjZYszj4gDqqHMPHkAvXo5gJRLkduGQd7gb3Mys=; b=e5NJqsffvCQv3cS852QWz3ZH1xw2UbxS+xOQlC6n6m5skxds2GdWPNcLEmRpH6wfX5 IMEBV7RQ4C9qVG2Rg4S5P6wotS2gW8xaCSkFz4zkAoQZdPi5O6uxnh5r/Em+0MI9HYm0 E9GjiEa+GOPxcR1uDWZ8qJQ+MbrwIhQTakR4vyN7vLfF4hBpY3HlNjAw0Mwcrm4Osham uzqHNJf4uuYRZi1U3584AYRgUmwvUnZxWpghiFeizEVkIXt/UqZFmbsdTRghrUYejd7p +MJFY9AQ8I/T8BCp2vH57tHFW2Qd12gwkUlX+ZBGj9Y0UtezporUIUHS5NDQvOt2SAKv aTDQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=MyW86fYt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f15-v6si4374676plk.245.2018.02.01.06.00.12; Thu, 01 Feb 2018 06:00:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=MyW86fYt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751521AbeBAN7t (ORCPT + 99 others); Thu, 1 Feb 2018 08:59:49 -0500 Received: from mail-it0-f68.google.com ([209.85.214.68]:40615 "EHLO mail-it0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751360AbeBAN7q (ORCPT ); Thu, 1 Feb 2018 08:59:46 -0500 Received: by mail-it0-f68.google.com with SMTP id 196so3895712iti.5 for ; Thu, 01 Feb 2018 05:59:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=fe3fCjZYszj4gDqqHMPHkAvXo5gJRLkduGQd7gb3Mys=; b=MyW86fYt18YeZ3dRmeZXIgq6YBjHxrCuKlvZtTOSB1bfyCSx8T/i+Q/jT73WkjwRry Ftl6M6f3oO41hwTCgYkonFuvPsnv+/9s8poYqpVcr/avT51GikLZ4A/kJS8e17/7LJXE A7RD5ur5mQB+k+HWoOFOxp6GubKjzqKaV4UmI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=fe3fCjZYszj4gDqqHMPHkAvXo5gJRLkduGQd7gb3Mys=; b=OX8qgkhvyN4dQa4CFfNy9Rwra//PM+IuB1Kty7n+Xy5Hsk64QMGfU04i64IzIDz65H DGQBR+v0dhMDgbCl6uSjy4nhAba2yOmhKmzUWRutbsl+MiHpTbJvGC9gUsAtFJXDb1Jq qXbbCqsKwYUhQwmFWEYz6rF1aeBv72EIRnFk5Kk1XOY1cV+dx0uvkw7wSwizCtwe6jrg G3ivhv0fFK5TXutoeGmXtHsJImaIk2gJlbaxTfh56VEP0tkWyYk63Jd5lytBklDHnOC8 Yd3nNJ/J6o1Cw4V9ZX1OQ5xN0ja3/88lKd4ov1edJjiJxfJm8aXeQjegcdiY6ND2E5IJ vchQ== X-Gm-Message-State: AKwxytdU7bhOLn3zq0+RV48fjbBycgT0deETstKbPh7L7b0GL/eic+aL qgen5q5vhLXvr/j88abgmJViuedYTXe+nnhiUEAjEg== X-Received: by 10.36.139.134 with SMTP id g128mr10271725ite.59.1517493585703; Thu, 01 Feb 2018 05:59:45 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.112.13 with HTTP; Thu, 1 Feb 2018 05:59:45 -0800 (PST) In-Reply-To: <20180201114657.7323-1-marc.zyngier@arm.com> References: <20180201114657.7323-1-marc.zyngier@arm.com> From: Ard Biesheuvel Date: Thu, 1 Feb 2018 13:59:45 +0000 Message-ID: Subject: Re: [PATCH v3 00/18] arm64: Add SMCCC v1.1 support and CVE-2017-5715 (Spectre variant 2) mitigation To: Marc Zyngier Cc: Linux Kernel Mailing List , linux-arm-kernel , kvmarm , Catalin Marinas , Will Deacon , Peter Maydell , Christoffer Dall , Lorenzo Pieralisi , Mark Rutland , Robin Murphy , Andrew Jones , Hanjun Guo , Jayachandran C , Jon Masters , Russell King - ARM Linux Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1 February 2018 at 11:46, Marc Zyngier wrote: > ARM has recently published a SMC Calling Convention (SMCCC) > specification update[1] that provides an optimised calling convention > and optional, discoverable support for mitigating CVE-2017-5715. ARM > Trusted Firmware (ATF) has already gained such an implementation[2]. > > This series addresses a few things: > > - It provides a KVM implementation of PSCI v1.0, which is a > prerequisite for being able to discover SMCCC v1.1, together with a > new userspace API to control the PSCI revision number that the guest > sees. > > - It allows KVM to advertise SMCCC v1.1, which is de-facto supported > already (it never corrupts any of the guest registers). > > - It implements KVM support for the ARCH_WORKAROUND_1 function that is > used to mitigate CVE-2017-5715 in a guest (if such mitigation is > available on the host). > > - It implements SMCCC v1.1 and ARCH_WORKAROUND_1 discovery support in > the kernel itself. > > - It finally provides firmware callbacks for CVE-2017-5715 for both > kernel and KVM and drop the initial PSCI_GET_VERSION based > mitigation. > > Patch 1 is already merged, and included here for reference. Patches on > top of arm64/for-next/core. Tested on Seattle and Juno, the latter > with ATF implementing SMCCC v1.1. > > [1]: https://developer.arm.com/support/security-update/downloads/ > > [2]: https://github.com/ARM-software/arm-trusted-firmware/pull/1240 > > * From v2: > - Fixed SMC handling in KVM > - PSCI fixes and tidying up > - SMCCC primitive rework for better code generation (both efficiency > and correctness) > - Remove PSCI_GET_VERSION as a mitigation vector > > * From v1: > - Fixed 32bit build > - Fix function number sign extension (Ard) > - Inline SMCCC v1.1 primitives (cpp soup) > - Prevent SMCCC spamming on feature probing > - Random fixes and tidying up > > Marc Zyngier (18): > arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls > arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls > arm64: KVM: Increment PC after handling an SMC trap > arm/arm64: KVM: Consolidate the PSCI include files > arm/arm64: KVM: Add PSCI_VERSION helper > arm/arm64: KVM: Add smccc accessors to PSCI code > arm/arm64: KVM: Implement PSCI 1.0 support > arm/arm64: KVM: Add PSCI version selection API > arm/arm64: KVM: Advertise SMCCC v1.1 > arm/arm64: KVM: Turn kvm_psci_version into a static inline > arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support > arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling > firmware/psci: Expose PSCI conduit > firmware/psci: Expose SMCCC version through psci_ops > arm/arm64: smccc: Make function identifiers an unsigned quantity > arm/arm64: smccc: Implement SMCCC v1.1 inline primitive > arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support > arm64: Kill PSCI_GET_VERSION as a variant-2 workaround > I have given this a spin on my Overdrive, and everything seems to work as expected, both in the host and in the guest (I single stepped through the guest to ensure that it gets the expected answer from the SMCCC feature info call) Tested-by: Ard Biesheuvel